Getting cookies in flashsocket protocol

[scotu]

I'm using this trick to get cookies from the client: https://gist.github.com/614068

I've noticed that client.request.headers.cookie is null in case the protocol used is flashsocket, it is working fine at least in websockets and xhr-multipart

I wasn't sure if this should be reported here or in the client side project, feel free to tell me to try reposting this to client side socket.io project
Also I'm not sure that that trick is "correct" and usable...

thanks

[scotu]

I have to correct myself, client.request.headers.cookie actually contains socketio=flashsocket but I can't find connect.sid key (that appears using other protocols)

[danielbeardsley]

I believe this is the because flash maintains its own cookie jar i.e. it doesn't use the same set of cookies that the browser already has.

[scotu]

Thanks for the reply.
I'm not really into flash, but do you think it is possible to uniform the behaviour in this direction? If it is not appropriate for upstream socket.io, maybe I could mantain my own patch

[danielbeardsley]

It might be better to do authentication outside of cookies, ie.. have the first message sent via socket.io be an authentication request.

http://stackoverflow.com/questions/602665/how-can-i-get-flash-to-share-the-browser-cookies-session

[scotu]

good, thanks for the tip. I'll see If I can get it to work and close this issue

[vsviridov]

afaik, vanilla websocket only deals with "httpOnly" cookies. Flash websocket on the other hand does not (it can only see cookies available to the JavaScript).

What I've found is that you can set cookie twice, one with httpOnly flag being set, and another one without. This way flash socket and vanilla socket would pick out appropriate cookie and use it.